diff options
| author | Olcan <[email protected]> | 2025-06-11 11:31:38 -0700 |
|---|---|---|
| committer | GitHub <[email protected]> | 2025-06-11 11:31:38 -0700 |
| commit | f75c48323ce65f651381c74ae75a1795e7cc5c45 (patch) | |
| tree | f955ccd3922fa867f8526eb0cce5553f5ed95d6b /packages/cli/src | |
| parent | 03bc1f314121c381ac4fe19f031fe90fbcf95179 (diff) | |
fixes to proxy on macos: prevent curl from hanging during wait-for-proxy by adding ipv6 support and timeout (#947)
Diffstat (limited to 'packages/cli/src')
| -rw-r--r-- | packages/cli/src/utils/sandbox-macos-permissive-proxied.sb | 2 | ||||
| -rw-r--r-- | packages/cli/src/utils/sandbox-macos-restrictive-proxied.sb | 2 | ||||
| -rw-r--r-- | packages/cli/src/utils/sandbox.ts | 6 |
3 files changed, 6 insertions, 4 deletions
diff --git a/packages/cli/src/utils/sandbox-macos-permissive-proxied.sb b/packages/cli/src/utils/sandbox-macos-permissive-proxied.sb index 861e503d..842fb6a4 100644 --- a/packages/cli/src/utils/sandbox-macos-permissive-proxied.sb +++ b/packages/cli/src/utils/sandbox-macos-permissive-proxied.sb @@ -24,7 +24,7 @@ ;; deny all outbound network traffic EXCEPT through proxy on localhost:8877 ;; set `GEMINI_SANDBOX_PROXY_COMMAND=<command>` to run proxy alongside sandbox -;; proxy must listen on 0.0.0.0:8877 (see scripts/example-proxy.js) +;; proxy must listen on :::8877 (see scripts/example-proxy.js) (deny network-outbound) (allow network-outbound (remote tcp "localhost:8877")) diff --git a/packages/cli/src/utils/sandbox-macos-restrictive-proxied.sb b/packages/cli/src/utils/sandbox-macos-restrictive-proxied.sb index cc4c1e5e..826055e5 100644 --- a/packages/cli/src/utils/sandbox-macos-restrictive-proxied.sb +++ b/packages/cli/src/utils/sandbox-macos-restrictive-proxied.sb @@ -88,5 +88,5 @@ ;; allow outbound network traffic through proxy on localhost:8877 ;; set `GEMINI_SANDBOX_PROXY_COMMAND=<command>` to run proxy alongside sandbox -;; proxy must listen on 0.0.0.0:8877 (see scripts/example-proxy.js) +;; proxy must listen on :::8877 (see scripts/example-proxy.js) (allow network-outbound (remote tcp "localhost:8877")) diff --git a/packages/cli/src/utils/sandbox.ts b/packages/cli/src/utils/sandbox.ts index d47c44b5..0cb1eb54 100644 --- a/packages/cli/src/utils/sandbox.ts +++ b/packages/cli/src/utils/sandbox.ts @@ -339,7 +339,7 @@ export async function start_sandbox(sandbox: string) { }); console.log('waiting for proxy to start ...'); await execAsync( - `until curl -s http://localhost:8877; do sleep 0.25; done`, + `until timeout 0.25 curl -s http://localhost:8877; do sleep 0.25; done`, ); } // spawn child and let it inherit stdio @@ -661,7 +661,9 @@ export async function start_sandbox(sandbox: string) { process.exit(1); }); console.log('waiting for proxy to start ...'); - await execAsync(`until curl -s http://localhost:8877; do sleep 0.25; done`); + await execAsync( + `until timeout 0.25 curl -s http://localhost:8877; do sleep 0.25; done`, + ); // connect proxy container to sandbox network // (workaround for older versions of docker that don't support multiple --network args) await execAsync( |